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[57] ABSTRACT 

A transactional server system for transferring subscriber 
information requests to information service providers, and 
methods of operating the same result in discouraging recon- 
struction of the subscriber information. The transactional 
server system comprises a subscriber platform which trans- 
fers an encrypted identification and a message request block. 
A transaction server is coupled to the subscriber platform to 
initiate a subscriber information request in response to the 
message request block and the encrypted identification, and 
transfer the message request block to the information service 
providers in response to subscriber information. A database 
server coupled to the transaction server and having a plu- 
rality of subscriber information receives the subscriber 
information request and decrypts the encrypted identifica- 
tion to provide the subscriber information to the transaction 
server. 

49 Claims, 6 Drawing Sheets 
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METHOD AND APPARATUS FOR according to one aspect of the invention, & transactional 

OPERATING A TRANSACTIONAL SERVER server system for transferring subscriber information 

IN A PROPRIETARY DATABASE requests to information service providers is provided. The 

ENVIRONMENT transactional server system comprises a subscriber platform 

5 which transfers an encrypted identification and a message 

BACKGROUND OF THE INVENTION request block. A transaction server is coupled to the sub- 
scriber platform to initiate a subscriber information request 

1. Field of the Invention in response to the message request block and the encrypted 
The present invention generally relates to operations of identification, and transfer the message request block to the 

transactional servers in an interactive TV network and more 1Q information service providers in response to subscriber 

particularly to protecting unauthorized reconstruction of information. A database server coupled to the transaction 

server databases operating with the transactional servers. server and having a plurality of subscriber information 

2. Incorporation by Reference receive t s ^ ormat ™ request and decrypts the 

1 „ . . encrypt identification to provide the subscriber informa- 

U.S. Pat. No. 5,448,568 entitled "System of Transmuting ^ £ tfae Uansaction 

An Interactive TV Signal" assigned to Thomson Consumer 15 Accordi lQ anolher of ^ invemi ^ m 

Electronics, Inc. issued Sep. 5, 1995 ts herein mcorporated fequest ^ fl p f urality of informational reques * , 

by reterencc in its entirety. Jhe dalabase auInemicates lhe enC rypted identifica- 

3. Description of the Related Arts t i on rece ived from the transaction server to verify that the 
Interactive TV networks provide its users a vast variety of ^ encrypted identification originated from the subscriber plat- 
viewing options at users leisure. The viewing options form and not a message from the transaction server in an 
include television programming, advertisements, and other effort to reconstruct the contents of the database server, 
communicable information from home banking to dentist According to another aspect of the invention, public key 
appointments. Interactive TV networks enable for example cryptography provides encryption of the message. Thus, the 
advertisers to produce interactive advertisements. Users or 25 subscriber platform includes a database server public key 
subscribers of the interactive TV system can be solicited anc j generates the encrypted identification with the database 
with the interactive advertisements that provide the sub- server public key. The dalabase server includes a database 
scribers the option to request more information about the server private key to decrypt the encrypted identification, 
advertised product. The advertiser may for example provide The subscriber platform includes a subscriber platform 
the subscriber with the requested information through nor- ^ private key and generates a signed hash with the subscriber 
mal mailing channels. platform private key from the message request block. 

As interactive TV networks become more and more According to yet another aspect of the invention, the 

widespread, specialized segments for providers to the inter- transaction server generates a message request block hash in 

active TV system will be developed and become more response to the message request block. The message request 

prominent. Because these specialized segments are inlerre- 3J block includes the signed hash from the subscriber platform 

lated to each other by the interactive TV system, devices an[ j the message request block hash from the transaction 

operating in these segments interface with each other to server. The database server receives the message request 

provide data transfers. There are instances when data trans- block and includes a subscriber public key to decrypt the 

fers between the segments will divulge proprietary data that signed hash to provide a subscriber signature that is com- 

jeopardies the livelihood of a particular segment. In those ^ parc d with the message request block hash to authenticate 

instances, safeguards are required to protect the specialized the subscriber information request. Thus, only after the 

segments from divulging proprietary data. subscriber information request has been properly authenti- 

For instance, the interactive advertising example provides cated will the database server transfer the subscriber infor- 

for a specialized segment such as a subscriber database with mation to the transaction server. 

a need to protect proprietary data during interactions with 45 An apparatus and methods for transferring subscriber 

other segments of the interactive TV network. The sub- information requests to information service providers are 

scriber database provides subscriber personal information to provided. The public key cryptography message transfers 

the advertisers in response to a subscriber request on the protect cross reference information between the subscriber 

interactive TV network. Given that there are many adver- information and the subscriber identification. Only the data- 

tisers and many interactive TV network providers offering 50 base server has access to both the subscriber information and 

access to the interactive TV system, the subscriber database the subscriber identification in decrypted form. Thus, the 

having a cross reference between the subscriber personal transaction server is discouraged from reconstructing the 

information and a subscriber identification on the interactive contents of the database server. 

TV network becomes valuable proprietary data that has to be Other aspects and advantages of the present invention can 

protected. 55 be seen upon review of the figures, the detailed description, 

Therefore, it is desirable to provide a transactional server and the claims which follow, 
operating in an interactive environment, and methods of BRIEF DESCRIPTION OF THE DRAWING 
operating the same that provide protection for certain pro- 
prietary databases interacting with other segments of the FlG - 1 illustrates a system level block diagram for digital 
interactive environment. 60 transmissions in a direct broadcast satellite system; 

FIG. 2 illustrates a transitional server system block dia- 

SUMMARY OF THE INVENTION gram [ a accordance with the present invention; 

The present invention provides a system for operating a FIG. 3 illustrates a flow diagram of the subscriber plat- 

transactional server and method for operating the same form generating an information request; 

which result in protecting a database from unauthorized 65 FIG. 4 illustrates a flow diagram of the transaction server 

reconstruction. The novel transactional server architecture is responding to an information request from the subscriber 

based on encryption of messages between devices. Thus, platform; 
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FIG. 5 illustrates a Sow diagram of the database server for the decoder 145 via return channel 157. The return 

responding to a subscriber information request from the channel 157 may be a telephone line or a cable line, 

transaction server; and With particular reference in FIG. 2, there is shown a 

FIG. 6 illustrates a flow diagram of the transaction server transactional server system 270 for transferring subscriber 

responding to subscriber information from the database 5 information requests to information service providers io 

server. accordance with the present invention. The transactional 

server system 270 includes a subscriber platform 145 (also 

DETAILED DESCRIPTION referred as decoder 145 of FIG. 1), a transaction server 260, 

The invention will be described with respect to the a database server 276 and at least one information server 

Figures in which FIG. 1 generally shows a digital transmis- 10 278. Dashed line represents inclusion of the transaction 

sion system, as for example a direct broadcast satellite server 260, the database server 276, and the application 

system. It is presumed that a single satellite transponder servers 278 as part of the service provider 13 of FIG. 1 for 

accommodates a plurality of respective TV programs in time purposes of clarity to the present invention. The transac- 

division multiplexed format. tional server system 270 prevents the transaction server 260 

Referring to FIG. 1, the direct broadcast satellite system 15 & om reconstructing the contents of the database server 276. 
10 includes a broadcast center 12, service provider 13, and In brief, the subscriber platform 145 has a subscriber 
an end user 14. The broadcast center 12 includes an appli- identification and generates a message request block. The 
cation server 115, an audio and video source 120, encoder message request block requests information from the infor- 
and multiplexer 125, and satclUtc transmitter 130. The mation servers 278. The subscriber platform 145 transfers an 
application server 115 controls execution of interactive TV 20 information request 275 which includes an encrypted sub- 
applications which are loaded into the logic circuits of the scriber identification and the message request block to the 
application server 115 to perform a series of specifically transaction server 260. 

identified operations dictated by the interactive TV applica- The transaction server 260 couples to the subscriber 

tions. platform 145. The transaction server 260 receives the mes- 

The interactive TV applications include associated audio sage request block and the encrypted subscriber identifica- 

and video information sources 120. The application server lion. The transaction server 260 provides a subscriber infor- 

US synchronizes the interactive TV applications and the mation request 279 from the database server 276 which 

associated audio and video information sources 120 into includes the encrypted subscriber identification, 

transport packets that provide inputs to the encoder and 3Q The database server 276 couples to the transaction server 

multiplexer 125. The encoder and multiplexer 125 receives 260 and receives the subscriber information request 279 

the transport packets and encodes the transport packets for from the transaction server 260. The database server 276 

transmission. Satellite transmitter 130 time-multiplexes the provides storage for subscriber information and subscriber 

transport packets and transmits the transport packets as identification. The database server 276 includes a cross 

upload signal 133 to satellite 135. 35 reference table which provides a link between subscriber 

The broadcast center 12 is described in detail in issued information and subscriber identification. Upon receipt of 

U.S. Pat. No. 5,448,568 entitled "System of Transmitting an the subscriber information request 279, the database server 

Interactive TV Signal" assigned to Thomson Consumer 276 decrypts the subscriber identification to access the 

Electronics, Inc. issued Sep. 5, 1995. The U.S. Pat. No. subscriber information from storage and transfers the sub- 

5,448,568 is herein incorporated by reference in its entirety. 4Q scriber information 280 to the transaction server 260. 

Satellite 135 receives the upload signal 133 and transmits At least one information server 278 couples with the 

download signal 137 to end user 14. The end user 14 transaction server 260. The transaction server 260 transfers 

includes satellite dish 140, decoder 145, TV 150, remote the subscriber information 280 and the subscriber message 

control 155, and return channel 157. Satellite dish 140 request 282 to the information servers 278. The transaction 

receives the download signal 137 and provides an output to 45 server 260 returns a subscriber acknowledge 277 to the 

decoder 145. The decoder 145 includes a software operating subscriber platform 145. 

system loaded into the logic circuits of the decoder 145 thai Furthermore, the subscriber platform 145 includes logic 
performs a series of steps to control the operations of the circuits in which loaded open TV transmission applications 
decoder 145. The decoder 145 receives the download signal execute to perform a series of interactive transactions 
137 from satellite dish 140 and decodes the transmitted 50 between the user 14 (FIG. 1) and the subscriber platform 
interactive TV application and its associated audio and video 145. The subscriber platform 145 includes a message gen- 
information 120. The decoder 145 executes the interactive erator 271 which queues message requests including adver- 
TV application and provides audio and video outputs to TV tising information requests. The subscriber platform 145 
150. According to the present invention, the decoder 145 concatenates the queued message requests into a message 
includes an MPEG-2 (Moving Pictures Experts Group) 55 request block for transfer to the transaction server 260. 
video decoder. According to one aspect of the present invention, the 

Remote control 155 provides inputs to the decoder to information requests 275 which include the message 

select execution of other interactive TV applications for requests are forwarded automatically at a specific time of the 

output to TV 150. The decoder 145 includes an input/output day or night. In another aspect, an external trigger is 

port 156 that couples to return channel 157 for communi- 6D provided to forward messages upon an electronic queue. In 

cation to service provider 13. another aspect, the messages are forwarded when a message 

The service provider 13 includes a transaction server 160 in the message queue reaches a certain age. 

to provide local interaction with the end user 14. The The subscriber platform 145 includes an encryptor 272 to 

transaction server 160 includes an input/output port 158 secure message transfers to the transaction server 260. The 

which couples to return channel 157. The transaction server 65 subscriber platform 145 includes a database server public 

160 provides monitoring of transactions performed by the key and encrypts the subscriber identification with the 

end user 14 and updating of the software operating system database server public key. The encryptor 272 also "salts" 
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the encrypted subscriber identification by packing the sub- server 276 includes a retrieval processor 284 which retrieves 
scriber identification with additional information. This salt- a subscriber platform public key stored in a location that 
ing provides an additional level of security to further dis- corresponds with the serial number of the subscriber plat- 
courage reconstruction of the subscriber identification. &nn 145. With the subscriber public key, the decryptor 
The subscriber platform 145 also uses a symmetric 5 processor 286 decrypts the signed hash value to produce the 

encryption system having a single secret key to encrypt the vcr ^ t b f h t ^ lue K that .^ aS f T^l^ * 

ui i. c* i , , , a A„ request by the subscriber platform 145. The database server 

message request block. Single secret key cryptography can ^ a verifier ^ ^ 

both encrypt and decrypt a message, lhe single secret Key vefif hash value 

transaction server 260 with the 

cryptography enables ra pi d encryption of larger data sets as D£S hash valuc for a matd) tQ authcnticatc ^ subs cribcr 

opposed to the public key cryptography. Thus, because the » mformation reques , 27 9 from the transaction server 260. 

message request block typically contains larger sets of data, If lhe DES hasb vahlc and mc verify hash vaJue do not 

the subscriber platform 145 encrypts the message request matchi me verifier a NAK (Not Acknowledge d) to 

block with DES (Digital Encryption Standard) to provide a lhe transaction server 260 which responds by cancelling the 

DES message request block. subscriber information request. When the DES hash value 

DES is an encryption block cipher defined and endorsed 15 matches the verify hash value, the verifier 288 returns an 

by the U.S. government in 1977 as an official standard. DES ACK (acknowledge) to the subscriber information request 

is one of the most well-known and widely used cryptosys- 279 and provides the subscriber information 280 which 

tern in the world. There are several practical considerations corresponds to the serial number of the subscriber platform 

that can affect the security of the encrypted DES data. An 145 to the transaction server 260. 

attack with sustained data analysis could uncover the secret 20 The transaction server 260 includes a decryptor processor 

key. The DES key should be frequently changed to optimize 269 which decrypts the encrypted DES key with its private 

security. Accordingly, the DES key of the present invention key to produce the DES key. Once the DES key is decrypted, 

is a random DES key, generated by the subscriber platform the decryptor processor 269 decrypts the DES message 

request block to produce the subscriber requests which 

.', , nrc . . , ,25 include the advertising information requests. The decrypted 

Although DES is used to encrypt the message request m ^ h] J k ^ disconcatc 7 atcd ioto 

block in accordance with the present invention, it can be mcssagcs . For cach component message request in the 
appreciated that various bulk encryption algorithms may be message request block, the receive processor 264 sends a 
used as alternatives to DES in accordance with the present confirmation to the subscriber platform 145. The decryptor 
invention. One is FEAL (Fast Encryption Algorithm). The 3o processor 269 also transfers the component message request 
U.S. government recently announced a new algorithm called t0 an appropriate information server 278 to service the 
Skipjack as part of its Capstone project. RIVEST has information request 275. Along with each component mes- 
developed the ciphers RC2 and RC4 which can be made as sage reqU est, the transaction server 260 includes the sub- 
secure as necessary because they use variable key sizes. scriber information 280. 

Once the message request block is DES encoded to 35 The information servers 278 receive the subscriber infor- 

provide the DES message request block, the subscriber mation 280 and the subscriber message request 282 and 

platform 145 generates a verify hash value of the DES provide responses accordingly. For example, the subscriber 

message. This verify hash value is encrypted or "signed" information includes mailing information of the subscriber 

with the subscriber platform private key to provide a signed platform 145 so that an information server 278 is able to 

hash value or digital signature. 40 respond to the information request 275 by direct mailing to 

Next, the subscriber platform 145 encrypts the random the user 14 of the subscribcr platform 145. 
generated DES key with the transaction server public key to FIG. 3 illustrates a flow diagram of the subscriber plat- 
provide an encrypted DES key. A transaction server private form 145 as it generates a information request 275. In step 
key is required to decrypt the encrypted DES key; thus, only 326, the subscriber platform 145 generates messages and 
the transaction server 260 having the transaction private key 45 concatenates the messages into a message request block 
can decrypt the encrypted DES key. The subscriber platform which includes an advertising request. Next, the subscriber 
145 transmits the information request 275 having the DES platform 145 randomly generates a DES key and encrypts 
message request block, the signed hash value, the encrypted the message request block with the DES key in step 328. 
subscriber identification, and the encrypted DES key to the step 330 encrypts the DES key with the transaction server 
transaction server 260. 50 public key to provide an encrypted DES key. 

The transaction server 260 includes a receive processor In order to enable the database server 276 to authenticate 

264 which receives the information request 275 having the the origin of the messages, the subscribcr generates a verify 

DES message request block, the signed hash value, the hash value of the encrypted message request block and signs 

encrypted subscriber identification, and the encrypted DES the hash value with its private key to provide the signed hash 

key from the subscriber platform 145. The transaction server 55 or also referred to as a digital signature in step 332. Because 

260 includes an information request generator 268 which the digital signature is encrypted with the subscriber private 

calculates a DES hash value from the DES message request key, the signature is decrypted with the subscriber platform 

block. The information request generator 268 generates a public key. The database server 276 includes a copy of the 

subscriber information request 279 having the signed hash subscriber platform public key. In step 334, the subscriber 

value, the DES hash value, and encrypted subscriber iden- eo identification is encrypted with the database server public 

tification to the database server 276. The subscriber infor- key to provide an encrypted subscriber identification which 

mation request 279 prompts the database server to return only the database server 276 can decrypt with its private key. 

subscriber information 280. In step 336, the subscriber platform 145 sends the informa- 

The database server 276 includes message decryptor tion request 275 which includes the encrypted message 

processor 286 which decrypts the encrypted subscriber 65 request block, the encrypted DES key, the signed hash value, 

identification with the database server private key to produce and the encrypted subscriber identification to the transaction 

a serial number of the subscriber platform 145. The database server 260. 
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FIG. 4 illustrates a flow diagram of the transaction server ferred to the transaction server 260. The transaction server 
260 as it receives a information request 275 from the 260 transfers the encrypted subscriber identifications to 
subscriber platform 145. The flow diagram begins with step access subscriber data from a database server. Only the 
440 where the transaction server 260 receives the infbnna- database server has access to both the subscriber information 
tion request 275 including the encrypted message request 5 and the subscriber identification in decrypted form. The 
block, the encrypted DES key, the signed hash value, the encrypted message transfers protects cross reference infor- 
encryptcd message request block and the encrypted sub- mation between the subscriber information and the sub- 
scriber identification. Next, the transaction server 260 cal- scriber identification. Thus, the transaction server can not 
culates a hash value for the encrypted message request block reconstruct the contents of the database server. Although the 
to provide a DES hash value in step 443. The flow diagram 1Q embodiments for a transactional server system have been 
ends with step 445 where the transaction server 260 gencr- disclosed with reference to an interactive TV system, varia- 
atcs a subscriber information request 279 which includes tions of the transactional server system according to the 
transferring the signed hash value, the DES hash value, and present invention are applicable in other network applica- 
thc encrypted subscriber identification to the database server tions. 

276. 15 The foregoing description of a preferred embodiment of 

FIG. 5 illustrates a flow diagram of the database server the invention has been presented for purposes of illustration 

276 as it receives the subscriber information request 279. and description. It is not intended to be exhaustive or to limit 

The flow diagram begins with step 550 where the database the invention to the precise forms disclosed. Many modifi- 

server 276 receives the subscriber information request 279 cations and variations will be apparent to the practitioners 

including the signed hash value, the DES hash value, and the ^ skilled in the art. It is intended that the scope of the invention 

encrypted subscriber identification from the transaction be defined by the following claims and their equivalents, 

server 260. In step 552, the database server 276 decrypts the What is claimed is: 

encrypted subscriber identification with its private key to 1. A transactional server system for transferring sub- 
produce a serial number of the subscriber platform 145. scriber information requests to information service provid- 
Next, the database server 276 retrieves a subscriber platform 25 ers comprising: 

public key stored in a location that corresponds with the a subscriber platform configured to transfer an encrypted 

serial number of the subscriber platform 145 in step 554. identification and a message request block; 

With the subscriber public key, step 555 provides that the a transaction server coupled to the subscriber platform to 

database server 276 decrypts the signed hash value to initiate a subscriber information request in response to 

produce the verify hash value thai was originally generated 30 the message request block and the encrypted 

from the DES message request by the subscriber platform identification, and transfer the message request block to 

145. Verification step 556 provides that the database server the information service providers in response to sub- 

276 compares the verify hash value from the subscriber scriber information; and 

platform 145 with the DES hash value from the transaction a database server coupled to the transaction server and 

server 260 for a match to authenticate the subscriber infor- 35 having a plurality of subscriber information configured 

mation request from the transaction server 260. to receive the subscriber information request and 

Step 558 provides that when the DES hash value and the decrypts the encrypted identification to provide the 

verify hash value do not match, the database server 276 subscriber information to the transaction server, 

sends a NAK to the transaction server 260 and ends server 2. The transactional server system according to claim 1, 

processing on the subscriber information request. In step 4 q wherein the message request block includes a plurality of 

159, when the DES hash value matches the verify hash informational requests. 

value, the database server 276 returns an ACK to the 3. The transactional server system according to claim 1, 

subscriber information request and provides the subscriber wherein the database server authenticates the encrypted 

information 280 corresponding with the subscriber platform identification received from the transaction server to verify 

145 serial number to the transaction server 260. 45 that the encrypted identification originated from the sub- 

FIG. 6 illustrates a flow diagram of the transaction server scriber platform. 

260 as it receives the subscriber information 280 from the 4. The transactional server system according to claim 1, 

database server 276. The flow diagram begins with step 670 wherein the subscriber platform includes a database server 

where the transaction server 260 receives the requested public key and is configured to generate the encrypted 

subscriber information 280. Next, the transaction server 260 50 identification with the database server public key. 

decrypts the encrypted DES key with its private key to 5. The transactional server system according to claim 4, 

produce the DES key in step 672. Once the DES key is wherein the database server includes a database server 

decrypted, step 674 provides decrypting of the DES message private key to decrypt the encrypted identification, 

request block to produce the subscriber message requests. 6. The transactional server system according to claim 1, 

Because the subscriber message requests are concatenated 55 wherein the subscriber platform includes a subscriber plat- 

into a message request block, step 676 disconcatenates the form private key and is configured to generate a signed hash 

message request block into component messages. In step with the subscriber platform private key from the message 

678, the transaction server 260 directs each component request block. 

message request of the message request block and the 7. The transactional server system according to claim 6, 

subscriber information 280 to an appropriate information so wherein the transaction server is configured to provide a 

server 278 corresponding to the message request. message request block hash in response to the message 

Accordingly, an apparatus and method for operating a request block, 

transactional server system in an interactive environment 8. The transactional server system according to claim 7, 

have been provided. A transaction server 260 processes wherein: 

information requests from subscriber platforms having sub- 65 the message request block includes the signed hash from 

scriber identifications which are secret. Cryptography mes- the subscriber platform and the message request block 

sage requests having the subscriber identifications arc trans- hash from the transaction server; and 
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the database server is configured to receive the message 
request block and includes a subscriber public key to 
decrypt the signed bash to provide a subscriber signa- 
ture thai is compared with the message request block 
hash to authenticate the subscriber information request. 

9. The transactional server system according to claim 8, 
wherein the database server is configured to transfer the 
subscriber information to the transaction server in response 
to a proper authentication. 

10. A method of operating a transactional processor for 
requesting information in an interactive environment com- 
prising the steps: 

transferring an information request having an identifica- 
tion and requested data to a transaction server, 

transferring the information request to a database server; 

verifying the information request to validate originality of 
the information request is indeed a subscriber request; 

retrieving subscriber information corresponding to the 
identification; 

transferring the subscriber information to the transaction 
server; and 

transferring the subscriber information and the requested 
data to an application processor which provides the 
requested data to at least one subscriber based on the 
subscriber information. 

11. A method of operating a transactional processor sys- 
tem for requesting information in an interactive environment 
comprising the steps: 

encrypting an information request to provide an encrypted 

request information and an encrypted identification 
transferring the information request having the encrypted 

identification and the encrypted request information to 

a transaction server, 
transferring the information request to a database server; 
verifying the information request to validate originality of 

the information request; 
retrieving subscriber information corresponding to the 

encrypted identification; 
transferring the subscriber information to the transaction 

server; and 

transferring the subscriber information and the encrypted 
request information to an application processor. 

12. The method of operating the transactional server 
system according to claim 11 further comprising the step: 

generating a verification hash of the encrypted request 

information; and 
encrypting the verification hash with a subscriber private 

key to provide a signed hash. 

13. The method of operating the transactional server 
system according to claim 12, wherein the step encrypting 
the information request includes the step encrypting the 
encrypted identification with a database public key. 

14. The method of operating the transactional server 
system according to claim 13, wherein the step transferring 
the information request to the transaction server includes the 
step transferring the encrypted request information, the 
encrypted identification, and the signed hash. 

15. The method of operating the transactional server 
system according to claim 14, wherein the step transferring 
the information request to the database server includes the 
steps: 

generating a request information hash from the encrypted 

request information; and 
transferring the request information hash, the signed hash, 

and the encrypted identification to the database server. 
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16. The method of operating the transactional server 
system according to claim 15, wherein the step of verifying 
the information request includes the steps: 

decrypting the encrypted identification with a database 
5 private key to provide a serial number; 

retrieving a subscriber public key corresponding to the 

serial number, 
decrypting the signed hash with the subscriber public key 
to provide the verification hash; and 
to comparing the verification hash with the request informa- 
tion bash to determine a match. 

17. The method of operating the transactional server 
system according to claim 16, wherein the step of retrieving 
subscriber information includes the step associating the 

J5 serial number with a subscriber information storage location 
within the database to provide the subscriber information. 

18. The method of operating the transactional server 
system according to claim 17, wherein the step retrieving the 
subscriber information includes the steps: 

20 decrypting the encrypted request information to provide 
requested data; and 
transferring the requested data and the subscriber infor- 
mation to the application processor. 

19. The method of operating the transactional server 
25 system according to claim 18, wherein the requested data 

includes a plurality of components and the step of retrieving 
the subscriber information from the database in response to 
the serial number include splitting the requested data into 
components to provide application data corresponding to an 
30 associated information server. 

20. A method of operating a transaction server comprising 
the steps: 

receiving an information request having an identification 
and requested data wherein the information request 
35 includes an encoded message; 

decrypting a key with a transaction server private key: 
retrieving subscriber information corresponding to the 
identification; and 
40 transferring the subscriber information and the requested 
data to an application processor which provides the 
requested data to a subscriber based on the subscriber 
information. 

21. A method of operating a transaction server comprising 
45 the steps: 

receiving an information request having an identification 
and requested data wherein the information request 
includes a DES encoded message and the step of 
receiving the information request includes decrypting a 
50 DES key with a transaction server private key; 

retrieving subscriber information corresponding to the 

identification; and 
transferring the subscriber information and the requested 
data to an application processor. 
55 22. The method of operating the transaction server 
according to claim 21, wherein the step of retrieving sub- 
scriber information include the step generating a DES hash 
from the DES encoded message. 

23. The method of operating the transaction server 
60 according to claim 21, wherein the step of retrieving sub- 
scriber information includes the step of decrypting the DES 
encoded message with the DES key. 

24. The method of operating the transaction server 
according to claim 21, wherein the step of transferring the 

65 subscriber information and requested data includes the step 
of disconcatenating the information request to provide com- 
ponent messages. 
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25. A method of operating a database server comprising 33. The transaction server according to claim 32, wherein 
the steps: the decryptor is configured to generate a DES hash from the 

retrieving subscriber information in response to a sub- DES encoded message. 

scriber information request having an identification 34. The transaction server according to claim 31 wherein 

from a transactional server, 5 ih e processor is configured to disconcatenate the information 

verifying the subscriber information request to validate request to provide component messages. 

originality of the subscriber information request is 35. a database server for receiving encoded information 

indeed a subscriber request; requests comprising: 

retrieving the subscriber information corresponding to the w a decryptor configured to decrypt a subscriber information 

identification; and rcqucsl having ^ identification; 

transferring the subscriber information to a transaction a verifier configured to verify the subscriber information 

sea ' en to validate originality of the subscriber information 

26. A method of operating a database server comprising request; and 

the steps. 15 a reu -i eve processor configured to retrieve the subscriber 

retrieving subscriber information in response to a sub- information corresponding to the identification and 

scriber information request having an identification; transfer the subscriber information to a transaction 

decrypting the identification to produce a serial number; server. 

verifying the subscriber information request to validate 36 - The database server according to claim 35, wherein 

originality of the subscriber information request; 20 the decryptor is configured to decrypt the identification to 

retrieving the subscriber information corresponding to the produce a serial number. 

identification; and 37. The database server according to claim 36, wherein 

transferring the subscriber information to a transaction ,he retrieve processor is configured to cross reference the 

server, 25 serial number to provide the subscriber information. 

27. The method of operating a database server according 38. The database server according to claim 35, wherein 
to claim 26, wherein the step of retrieving the subscriber the information request includes a digital signature and the 
information includes retrieving the subscriber information decryptor is configured to decrypt the signature to provide a 
corresponding to the serial number. tjes hash 

28. The method of operating a database server according 3D 39. y^' database Mmr according to claim 38, wherein 
to claim 27 wherein the subscriber ( information request - mUimMioa Kqncst mcludes a verify hash and the 
includes a subscriber signature and the step of verifying ._ c . i ■ L L 
includes the step retrieving a subscriber public key to verifi " * f^ 8 ^ 10 C ° mp ™ VCnfy ^ Wth 
decrypt a subscriber signature. DES hash for a match - 

29. The method of operating a database server according 35 40- The database server according to claim 38, wherein 
to claim 28, wherein the step of retrieving the subscriber the retrieve processor is configured to retrieve a particular 
public key includes the step retrieving the subscriber public public key for the decryptor to decrypt the digital signature, 
key from a location corresponding to the serial number. 41. A subscriber platform for providing information 

30. A transaction server for processing information requests having a subscriber identification comprising: 
requests comprising: 40 a messa ge generator configured to generate a message 

a receiver configured to receive an information request block; 

having an identification and requested data; an encry p lor configured to encrypt the message block and 

a subscriber information requestor configured to provide generate a digital signature of the message block; 

an encoded subscriber information request in response an encrypted identification generator configured to 

to the identification to a data base; and 45 encrypt the subscriber identification to provide an 

a processor configured to receive the subscriber informa- encrypted identification; and 

lion from the database and provide message requests in a transmitter configured to transmit the message block, 

response to the subscriber information and the the digital signature and the encrypted identification to 

requested data to an application server. provide an information request. 

31. A transaction server for processing information 50 42. The subscriber platform according to claim 41, 
requests comprising: wherein the encryptor is configured to generate a random 

a receiver configured to receive an information request DES key and encrypt the message block to provide a DES 

including an encoded message having an identification message block. 

and requested data; 55 43 subscriber platform according to claim 42, 

a decryptor configured to decrypt the information request; wherein the encryptor is configured to generate a DES hash 

subscriber information requestor configured to provide an 0 f mc DES message block and sign the DES message block 

encoded subscriber information request in response to lQ providc a digital signature. 

the identification; and ^ The subscri5er platform according to claim 41, 

a processor configured to receive the subscriber informa- 60 wherfjin lfae encTvpted identification generator is configured 

tion and provide message requests in response to the (q ^ idcmificatioQ ^ a rticuIaf 51ic k 

subscriber information and the requested data. . *. , / . . 

32. The transaction server according to claim 31, wherein 45 ' mcthod °' gating a subsenber platform having a 
the encoded message includes a DES encoded message and subscriber identification to provide information requests 
the decryptor is configured to retrieve a transaction server 55 comprising the steps: 

private key and decrypt a DES key for the DES encoded concatenating message requests to provide a message 

message. block; 
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encrypting the message block; 
generating a bash of the message block; 
signing tbc hash to provide a digital signature; 
encrypting tbe subscriber identification to provide an 

encrypted identification; and 
transferring the encrypted message block, the digital 

signature, and the encrypted identification to provide an 

information request. 
46. The method of operating the subscriber platform 
according to claim 45, wherein tbc step of encrypting the 
message block includes the steps: 
creating a random DES key; and 
encrypting the message block with the DES key to 

provide an DES message block. 
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47. The method of operating the subscriber platform 
according to claim 46, wherein the step of encrypting the 
message block includes the step encrypting the DES key 
with a particular public key. 

48. The method of operating the subscriber platform 
according to claim 45, wherein the step of signing includes 
the step encrypting the hash with a subscriber private key. 

49. The method of operating the subscriber platform 
according to claim 45, wherein the step of encrypting the 
subscriber identification includes the step of encrypting the 
subscriber identification with a particular public key. 
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